Tony Hansen wrote:
Actually in light of that question, maybe we don't need "neutral" at
all. For methods that have a policy, the verification attempt will
produce one of the other results. For those that don't have some
queryable policy, "neutral" never happens.
Well, I've seen people who want to be able to say "X doesn't say
anything positive or negative for this message". That's the purpose of
neutral.
OK, so how about this for neutral:
The authentication method completed but was unable to reach a positive or
negative result for the message.
A related question is what value should be put in the headerspec for
failure situations? The identity has not been verified, so there's no
value to be put into the headerspec.
Why would it change? The method still based its evaluation on something (a
header value, envelope data, "i=", or something else).
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html